What is KYC and how does it work?

Maciej Zieliński

13 Apr 2022
What is KYC and how does it work?

KYC, the “Know Your Customer” rule, is a common method of user verification in connection with the start of said users use of financial services. KYC is the norm in cryptocurrencies and financial law, as professionals are required to make every effort to verify the identity, relevance and risk of maintaining business relationships with the customer. These procedures are also a measure for AML analysis, which is taking action which aim to prevent money laundering. How does KYC work? In which countries must NFT projects implement the KYC procedure? What does it require of us? We're writing about this below.

How does KYC work?

KYC processes are also used by various economic operators to ensure that their customers, agents or consultants are checked before they are given access to any financial resources. The “Know Your Client” principle (KYC) is a mandatory requirement for entities which deal with securities, bank accounts, etc.

What is included in KYC

The purpose of the provisions set out by the KYC is to prevent criminals from using businesses for money laundering and commiting other financial crimes. By linking KYC and AML, many companies understand their customers better and have the opportunity to verify the capital and payments they receive. This helps them manage risk responsibly and professionally. In principle, institutions formulate their KYC policies on the basis of the following four key elements:

  • Customer Acceptance Policy
  • Customer Identification Procedures,
  • Monitoring of Transactions,
  • Risk Management.
AML

The financial law environment is quite rigorous and makes KYC a mandatory and key procedure for financial institutions and others, as KYC minimizes the risk of fraud by identifying suspicious information at the initial stage of account creation. The KYC policy defines a client as follows. A customer is:

  • the person or entity that holds the account or is in a business relationship with the reporting entity;
  • the person on whose behalf the account is held,
  • the beneficiary of transactions carried out by professional intermediaries, such as exchange brokers, auditors or legal advisers,
  • any person or entity associated with a financial transaction that may pose a significant reputational risk or other risk to a bank, i.e. a person performing a bank transfer or issuing a “trust” on a high-value request as a single transaction.

NFT and KYC

In NFT, KYC is an element that is dependent on a given country’s policies, but also on what type of NFT will be used. Each State decides on its own whether the creation of NFT requires implementation of KYC procedures. Below we present the most popular places in the world of cryptography, which we have systematized by legislation.

Dane, Bezpieczeństwo, Klawiatura, Komputer, Laptop

KYC and cryptocurrencies

Cryptocurrencies are seen as decentralized and anonymous funds. However, these benefits are also a challenge in preventing money laundering, as criminals see cryptocurrencies as an ideal means of using illegal capital. As a result, many financial institutions are looking for ways to impose KYC on cryptocurrency markets, requiring cryptocurrency platforms to verify their clients. Currently, most of the entities have implemented or are implementing KYC into their services. Exchanges are classified in accounting terms as “crypto-to-crypto” or “fiat-to-crypto”. As crypto-crypto exchanges do not deal with traditional currency, they do not feel the same pressure to apply KYC standards as stock exchanges which store traditional currency of any sort. If stock exchanges have a traditional currency in their offer, they are more pressured by states to implement the KYC rule. Countries which show great interest in NFT have already regulated this area. The United Arab Emirates, Estonia, Switzerland and the United Kingdom are places worth familiarizing yourself with if you want to start your NFT journey.

Dubai and NFT

At present, crypto assets in the United Arab Emirates have not been classified for their purpose, which could help to determine the law in this respect. Instead, the United Arab Emirates recognizes that it is necessary to specify how cryptocurrencies or NFT are actually used. For example, a crypto resource can be used as a token of use (in this case it will not be regulated as a financial product and it is probably not necessary to implement KYC), but with an awareness of its popularity it is considered to be traded for the purpose of making an investment. If, according to the country, the NFT is seen as a means of investment, it is an investment product, then it will be treated as a financial product, resulting in its regulation using the provisions regarding UAE securities (in this case, KYC needs to be implemented in the project). In Dubai and the United Arab Emirates, there is no single law which regulates NFT. Any use of NFT is analyzed in terms of its actual use. Although Abu Dhabi Global market (ADGM) as a free financial zone regulated the use of crypto assets as virtual assets, NFT does not fall within this definition. According to this law, “the virtual resource is not produced or guaranteed by any jurisdiction”. In summary, it should be pointed out that NFT is subject to KYC only if it is practically treated as an investment project. NFT is not subject to KYC if it is treated as a token of use only.

NFT and KYC in Estonia

Until 2020, it appeared that cryptocurrencies can enjoy freedom in Estonia in terms of legal regulation. This country has become the ideal place for businesses and business professionals who wanted to legally run a business based on blockchain technology and cryptocurrencies. The license issued by Estonia also provides the possibility to provide services throughout the EU. Do you need to obtain a license to implement your NFT project in Estonia? As a general rule, not until 2020! This was due to the fact that licenses were mandatory for virtual currency service providers. The law in this case describes virtual currencies as payment-based instruments such as Ether (ETH), Bitcoin (BTC), USDT and others.
According to case-law, the NFT did not cover the definition of virtual currencies, since each NFT provides a unique, limited or documented resource that allows for the use of specific items such as digital art. NFT is treated more as a property right, rather than a means of payment. That was the case in the past, but the 2020 amendment on the legislation
regarding anti-money laundering put all entities connected with NFT, ICO and decentralized exchanges into one group. Since then, KYC is a mandatory component in the implementation of NFT projects.

Switzerland – NFT are not securities

The situation in Switzerland is similar to that in the United Arab Emirates. When NFT is used as a means of payment and can be transferred or reinvested, the regulatory authority is required to implement KYC and AML procedures. If the NFT does not belong to the securities category and serves only as a guarantee of the “right of access” to the service or digital arts, there is no mandatory obligation to implement KYC and AML procedures. However, if the NFT can in any way be used as an investment, it is subject to the definition of securities.

Great Britain – mandatory compliance with KYC standards

In the UK, the procedural requirements determining whether the creation of a NFT project requires the implementation of the KYC and AML regulations were created by the RUSI (Royal United Services Institute), the UK's defense and security think tank. The institution itself was created in 1831 and is intended to ensure the security and efficient operation of the country’s finances. According to RUSI, NFT products:

  • help guarantee an ownership record of any item by means of a digital element,
  • give creators the ability to obtain royalties from copyrights,
  • are mainly purchased using cryptocurrencies.


Unfortunately, RUSI points to the risks associated with NFT, which it defines as follows:

  • NFT is purchased using cryptocurrencies, which are often used to commit financial crimes or for money laundering.
  • There is a risk of hacking attacks on accounts of users who own NFT.
  • As such, RUSI identifies NFT as a product that requires both KYC and AML procedures to be implemented and followed.

Summary

With KYC, we gain the ability to collect and analyze a lot of customer information. This helps protect them from financial crime and facilitates the exchange of information between companies and users. In addition, KYC is an aid to AML, as at an early stage it can identify an entity that is likely to be criminogenic. As countries are increasingly concerned about the bureaucracy and regulation of each sector, KYC is an element that everyone will need to familiarize themselves with sooner or later. Let us remember that NFT may have different applications, from collectors' products to gaming, or property rights to invest. Depending on their use, as well as the geographical and legislative elements, different provisions will apply. At the same time, we stress that it is useful to consult a professional legal adviser to help you comply with applicable laws before any actions connected with KYC, AML, or NFT are taken. This article does not constitute legal advice.

Most viewed


Never miss a story

Stay updated about Nextrope news as it happens.

You are subscribed

AI-Driven Frontend Automation: Elevating Developer Productivity to New Heights

Gracjan Prusik

11 Mar 2025
AI-Driven Frontend Automation: Elevating Developer Productivity to New Heights

AI Revolution in the Frontend Developer's Workshop

In today's world, programming without AI support means giving up a powerful tool that radically increases a developer's productivity and efficiency. For the modern developer, AI in frontend automation is not just a curiosity, but a key tool that enhances productivity. From automatically generating components, to refactoring, and testing – AI tools are fundamentally changing our daily work, allowing us to focus on the creative aspects of programming instead of the tedious task of writing repetitive code. In this article, I will show how these tools are most commonly used to work faster, smarter, and with greater satisfaction.

This post kicks off a series dedicated to the use of AI in frontend automation, where we will analyze and discuss specific tools, techniques, and practical use cases of AI that help developers in their everyday tasks.

AI in Frontend Automation – How It Helps with Code Refactoring

One of the most common uses of AI is improving code quality and finding errors. These tools can analyze code and suggest optimizations. As a result, we will be able to write code much faster and significantly reduce the risk of human error.

How AI Saves Us from Frustrating Bugs

Imagine this situation: you spend hours debugging an application, not understanding why data isn't being fetched. Everything seems correct, the syntax is fine, yet something isn't working. Often, the problem lies in small details that are hard to catch when reviewing the code.

Let’s take a look at an example:

function fetchData() {
    fetch("htts://jsonplaceholder.typicode.com/posts")
      .then((response) => response.json())
      .then((data) => console.log(data))
      .catch((error) => console.error(error));
}

At first glance, the code looks correct. However, upon running it, no data is retrieved. Why? There’s a typo in the URL – "htts" instead of "https." This is a classic example of an error that could cost a developer hours of frustrating debugging.

When we ask AI to refactor this code, not only will we receive a more readable version using newer patterns (async/await), but also – and most importantly – AI will automatically detect and fix the typo in the URL:

async function fetchPosts() {
    try {
      const response = await fetch(
        "https://jsonplaceholder.typicode.com/posts"
      );
      const data = await response.json();
      console.log(data);
    } catch (error) {
      console.error(error);
    }
}

How AI in Frontend Automation Speeds Up UI Creation

One of the most obvious applications of AI in frontend development is generating UI components. Tools like GitHub Copilot, ChatGPT, or Claude can generate component code based on a short description or an image provided to them.

With these tools, we can create complex user interfaces in just a few seconds. Generating a complete, functional UI component often takes less than a minute. Furthermore, the generated code is typically error-free, includes appropriate animations, and is fully responsive, adapting to different screen sizes. It is important to describe exactly what we expect.

Here’s a view generated by Claude after entering the request: “Based on the loaded data, display posts. The page should be responsive. The main colors are: #CCFF89, #151515, and #E4E4E4.”

Generated posts view

AI in Code Analysis and Understanding

AI can analyze existing code and help understand it, which is particularly useful in large, complex projects or code written by someone else.

Example: Generating a summary of a function's behavior

Let’s assume we have a function for processing user data, the workings of which we don’t understand at first glance. AI can analyze the code and generate a readable explanation:

function processUserData(users) {
  return users
    .filter(user => user.isActive) // Checks the `isActive` value for each user and keeps only the objects where `isActive` is true
    .map(user => ({ 
      id: user.id, // Retrieves the `id` value from each user object
      name: `${user.firstName} ${user.lastName}`, // Creates a new string by combining `firstName` and `lastName`
      email: user.email.toLowerCase(), // Converts the email address to lowercase
    }));
}

In this case, AI not only summarizes the code's functionality but also breaks down individual operations into easier-to-understand segments.

AI in Frontend Automation – Translations and Error Detection

Every frontend developer knows that programming isn’t just about creatively building interfaces—it also involves many repetitive, tedious tasks. One of these is implementing translations for multilingual applications (i18n). Adding translations for each key in JSON files and then verifying them can be time-consuming and error-prone.

However, AI can significantly speed up this process. Using ChatGPT, DeepSeek, or Claude allows for automatic generation of translations for the user interface, as well as detecting linguistic and stylistic errors.

Example:

We have a translation file in JSON format:

{
  "welcome_message": "Welcome to our application!",
  "logout_button": "Log out",
  "error_message": "Something went wrong. Please try again later."
}

AI can automatically generate its Polish version:

{
  "welcome_message": "Witaj w naszej aplikacji!",
  "logout_button": "Wyloguj się",
  "error_message": "Coś poszło nie tak. Spróbuj ponownie później."
}

Moreover, AI can detect spelling errors or inconsistencies in translations. For example, if one part of the application uses "Log out" and another says "Exit," AI can suggest unifying the terminology.

This type of automation not only saves time but also minimizes the risk of human errors. And this is just one example – AI also assists in generating documentation, writing tests, and optimizing performance, which we will discuss in upcoming articles.

Summary

Artificial intelligence is transforming the way frontend developers work daily. From generating components and refactoring code to detecting errors, automating testing, and documentation—AI significantly accelerates and streamlines the development process. Without these tools, we would lose a lot of valuable time, which we certainly want to avoid.

In the next parts of this series, we will cover topics such as:

Stay tuned to keep up with the latest insights!

The Ultimate Web3 Backend Guide: Supercharge dApps with APIs

Tomasz Dybowski

04 Mar 2025
The Ultimate Web3 Backend Guide: Supercharge dApps with APIs

Introduction

Web3 backend development is essential for building scalable, efficient and decentralized applications (dApps) on EVM-compatible blockchains like Ethereum, Polygon, and Base. A robust Web3 backend enables off-chain computations, efficient data management and better security, ensuring seamless interaction between smart contracts, databases and frontend applications.

Unlike traditional Web2 applications that rely entirely on centralized servers, Web3 applications aim to minimize reliance on centralized entities. However, full decentralization isn't always possible or practical, especially when it comes to high-performance requirements, user authentication or storing large datasets. A well-structured backend in Web3 ensures that these limitations are addressed, allowing for a seamless user experience while maintaining decentralization where it matters most.

Furthermore, dApps require efficient backend solutions to handle real-time data processing, reduce latency, and provide smooth user interactions. Without a well-integrated backend, users may experience delays in transactions, inconsistencies in data retrieval, and inefficiencies in accessing decentralized services. Consequently, Web3 backend development is a crucial component in ensuring a balance between decentralization, security, and functionality.

This article explores:

  • When and why Web3 dApps need a backend
  • Why not all applications should be fully on-chain
  • Architecture examples of hybrid dApps
  • A comparison between APIs and blockchain-based logic

This post kicks off a Web3 backend development series, where we focus on the technical aspects of implementing Web3 backend solutions for decentralized applications.

Why Do Some Web3 Projects Need a Backend?

Web3 applications seek to achieve decentralization, but real-world constraints often necessitate hybrid architectures that include both on-chain and off-chain components. While decentralized smart contracts provide trustless execution, they come with significant limitations, such as high gas fees, slow transaction finality, and the inability to store large amounts of data. A backend helps address these challenges by handling logic and data management more efficiently while still ensuring that core transactions remain secure and verifiable on-chain.

Moreover, Web3 applications must consider user experience. Fully decentralized applications often struggle with slow transaction speeds, which can negatively impact usability. A hybrid backend allows for pre-processing operations off-chain while committing final results to the blockchain. This ensures that users experience fast and responsive interactions without compromising security and transparency.

While decentralization is a core principle of blockchain technology, many dApps still rely on a Web2-style backend for practical reasons:

1. Performance & Scalability in Web3 Backend Development

  • Smart contracts are expensive to execute and require gas fees for every interaction.
  • Offloading non-essential computations to a backend reduces costs and improves performance.
  • Caching and load balancing mechanisms in traditional backends ensure smooth dApp performance and improve response times for dApp users.
  • Event-driven architectures using tools like Redis or Kafka can help manage asynchronous data processing efficiently.

2. Web3 APIs for Data Storage and Off-Chain Access

  • Storing large amounts of data on-chain is impractical due to high costs.
  • APIs allow dApps to store & fetch off-chain data (e.g. user profiles, transaction history).
  • Decentralized storage solutions like IPFS, Arweave and Filecoin can be used for storing immutable data (e.g. NFT metadata), but a Web2 backend helps with indexing and querying structured data efficiently.

3. Advanced Logic & Data Aggregation in Web3 Backend

  • Some dApps need complex business logic that is inefficient or impossible to implement in a smart contract.
  • Backend APIs allow for data aggregation from multiple sources, including oracles (e.g. Chainlink) and off-chain databases.
  • Middleware solutions like The Graph help in indexing blockchain data efficiently, reducing the need for on-chain computation.

4. User Authentication & Role Management in Web3 dApps

  • Many applications require user logins, permissions or KYC compliance.
  • Blockchain does not natively support session-based authentication, requiring a backend for handling this logic.
  • Tools like Firebase Auth, Auth0 or Web3Auth can be used to integrate seamless authentication for Web3 applications.

5. Cost Optimization with Web3 APIs

  • Every change in a smart contract requires a new audit, costing tens of thousands of dollars.
  • By handling logic off-chain where possible, projects can minimize expensive redeployments.
  • Using layer 2 solutions like Optimism, Arbitrum and zkSync can significantly reduce gas costs.

Web3 Backend Development: Tools and Technologies

A modern Web3 backend integrates multiple tools to handle smart contract interactions, data storage, and security. Understanding these tools is crucial to developing a scalable and efficient backend for dApps. Without the right stack, developers may face inefficiencies, security risks, and scaling challenges that limit the adoption of their Web3 applications.

Unlike traditional backend development, Web3 requires additional considerations, such as decentralized authentication, smart contract integration, and secure data management across both on-chain and off-chain environments.

Here’s an overview of the essential Web3 backend tech stack:

1. API Development for Web3 Backend Services

  • Node.js is the go-to backend runtime good for Web3 applications due to its asynchronous event-driven architecture.
  • NestJS is a framework built on top of Node.js, providing modular architecture and TypeScript support for structured backend development.

2. Smart Contract Interaction Libraries for Web3 Backend

  • Ethers.js and Web3.js are TypeScript/JavaScript libraries used for interacting with Ethereum-compatible blockchains.

3. Database Solutions for Web3 Backend

  • PostgreSQL: Structured database used for storing off-chain transactional data.
  • MongoDB: NoSQL database for flexible schema data storage.
  • Firebase: A set of tools used, among other things, for user authentication.
  • The Graph: Decentralized indexing protocol used to query blockchain data efficiently.

4. Cloud Services and Hosting for Web3 APIs

When It Doesn't Make Sense to Go Fully On-Chain

Decentralization is valuable, but it comes at a cost. Fully on-chain applications suffer from performance limitations, high costs and slow execution speeds. For many use cases, a hybrid Web3 architecture that utilizes a mix of blockchain-based and off-chain components provides a more scalable and cost-effective solution.

In some cases, forcing full decentralization is unnecessary and inefficient. A hybrid Web3 architecture balances decentralization and practicality by allowing non-essential logic and data storage to be handled off-chain while maintaining trustless and verifiable interactions on-chain.

The key challenge when designing a hybrid Web3 backend is ensuring that off-chain computations remain auditable and transparent. This can be achieved through cryptographic proofs, hash commitments and off-chain data attestations that anchor trust into the blockchain while improving efficiency.

For example, Optimistic Rollups and ZK-Rollups allow computations to happen off-chain while only submitting finalized data to Ethereum, reducing fees and increasing throughput. Similarly, state channels enable fast, low-cost transactions that only require occasional settlement on-chain.

A well-balanced Web3 backend architecture ensures that critical dApp functionalities remain decentralized while offloading resource-intensive tasks to off-chain systems. This makes applications cheaper, faster and more user-friendly while still adhering to blockchain's principles of transparency and security.

Example: NFT-based Game with Off-Chain Logic

Imagine a Web3 game where users buy, trade and battle NFT-based characters. While asset ownership should be on-chain, other elements like:

  • Game logic (e.g., matchmaking, leaderboard calculations)
  • User profiles & stats
  • Off-chain notifications

can be handled off-chain to improve speed and cost-effectiveness.

Architecture Diagram

Below is an example diagram showing how a hybrid Web3 application splits responsibilities between backend and blockchain components.

Hybrid Web3 Architecture

Comparing Web3 Backend APIs vs. Blockchain-Based Logic

FeatureWeb3 Backend (API)Blockchain (Smart Contracts)
Change ManagementCan be updated easilyEvery change requires a new contract deployment
CostTraditional hosting feesHigh gas fees + costly audits
Data StorageCan store large datasetsLimited and expensive storage
SecuritySecure but relies on centralized infrastructureFully decentralized & trustless
PerformanceFast response timesLimited by blockchain throughput

Reducing Web3 Costs with AI Smart Contract Audit

One of the biggest pain points in Web3 development is the cost of smart contract audits. Each change to the contract code requires a new audit, often costing tens of thousands of dollars.

To address this issue, Nextrope is developing an AI-powered smart contract auditing tool, which:

  • Reduces audit costs by automating code analysis.
  • Speeds up development cycles by catching vulnerabilities early.
  • Improves security by providing quick feedback.

This AI-powered solution will be a game-changer for the industry, making smart contract development more cost-effective and accessible.

Conclusion

Web3 backend development plays a crucial role in scalable and efficient dApps. While full decentralization is ideal in some cases, many projects benefit from a hybrid architecture, where off-chain components optimize performance, reduce costs and improve user experience.

In future posts in this Web3 backend series, we’ll explore specific implementation details, including:

  • How to design a Web3 API for dApps
  • Best practices for integrating backend services
  • Security challenges and solutions

Stay tuned for the next article in this series!